[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[
https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vinod Kumar Vavilapalli updated YARN-3654:
--
Labels: 2.7.2-candidate (was: )
> ContainerLogsPage web UI should not have meta-refresh
> -
>
> Key: YARN-3654
> URL: https://issues.apache.org/jira/browse/YARN-3654
> Project: Hadoop YARN
> Issue Type: Bug
> Components: yarn
>Affects Versions: 2.7.1
>Reporter: Xuan Gong
>Assignee: Xuan Gong
> Labels: 2.7.2-candidate
> Fix For: 2.8.0
>
> Attachments: YARN-3654.1.patch, YARN-3654.2.patch
>
>
> Currently, When we try to find the container logs for the finished
> application, it will re-direct to the url which we re-configured for
> yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using
> meta-refresh:
> {code}
> set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID)));
> html.meta_http("refresh", "1; url=" + redirectUrl);
> {code}
> which is not good for some browsers which need to enable the meta-refresh in
> their security setting, especially for IE which meta-refresh is considered a
> security hole.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[
https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xuan Gong updated YARN-3654:
Attachment: YARN-3654.2.patch
> ContainerLogsPage web UI should not have meta-refresh
> -
>
> Key: YARN-3654
> URL: https://issues.apache.org/jira/browse/YARN-3654
> Project: Hadoop YARN
> Issue Type: Bug
> Components: yarn
>Affects Versions: 2.7.1
>Reporter: Xuan Gong
>Assignee: Xuan Gong
> Attachments: YARN-3654.1.patch, YARN-3654.2.patch
>
>
> Currently, When we try to find the container logs for the finished
> application, it will re-direct to the url which we re-configured for
> yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using
> meta-refresh:
> {code}
> set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID)));
> html.meta_http("refresh", "1; url=" + redirectUrl);
> {code}
> which is not good for some browsers which need to enable the meta-refresh in
> their security setting, especially for IE which meta-refresh is considered a
> security hole.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[
https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xuan Gong updated YARN-3654:
Attachment: YARN-3654.1.patch
Create a patch based on my proposal.
Tested the patch in a single node cluster.
* use firefox (chrome and safari can not be used to do the test), in
Preferences--> Advanced -->General, mark "Warn me when websites try to redirect
or reload the page"
* start a historyserver, and configure yarn.log.server.url and point to
historyserver log (such as http://localhost:19888/jobhistory/logs)
* Run a mapreduce job, and wait for the job finishes
* go to application web ui and click the log url in attempts table
* without the patch, the firefox browser will block the redirect and ask for
the permission whether the redirection is allowed
* with this patch, it will directly redirect to the url that we re-configured
in yarn-site.xml
> ContainerLogsPage web UI should not have meta-refresh
> -
>
> Key: YARN-3654
> URL: https://issues.apache.org/jira/browse/YARN-3654
> Project: Hadoop YARN
> Issue Type: Bug
> Components: yarn
>Affects Versions: 2.7.1
>Reporter: Xuan Gong
>Assignee: Xuan Gong
> Attachments: YARN-3654.1.patch
>
>
> Currently, When we try to find the container logs for the finished
> application, it will re-direct to the url which we re-configured for
> yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using
> meta-refresh:
> {code}
> set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID)));
> html.meta_http("refresh", "1; url=" + redirectUrl);
> {code}
> which is not good for some browsers which need to enable the meta-refresh in
> their security setting, especially for IE which meta-refresh is considered a
> security hole.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
